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AMENDMENTS TO THE CLAIMS 

1. (Currently amended) A method of dynamically mitigating a noncompliant password, the 

method comprising the machine-implemented steps of: 

obtaining a password from a user when the user attempts to access a service; 

determining whether the password meets quality criteria; and 

if the password does not meet the quality criteria, performing one or more responsive 
actions that relate to accessing the service granting a different level of access 
than if the password meets the quality criteria . 

2. (Currently amended) The method of Claim 1, further comprising wherein the step of 

performing one or more responsive actions that relate to accessing the service 
comprises : 

if the password meets the quality criteria, granting to the user a first level of access to 
the service, wherein the first level of access to the service is associated with 
the quality criteria; 

if the password meets a second quality criteria, granting to the user a second level of 
access to the service, wherein the second level of access to the service is 
associated with the second quality criteria, wherein the second quality criteria 
is distinct from the quality criteria and wherein, if a particular password meets 
the quality criteria, then the password meets the second quality criteria. 

3. (Currently amended) The method of Claim 1, further comprising if the password does not 

meet the quality criteria, wherein the step of performing one or more responsive 
actions that relate to accessing the service comprises performing one or more of: 

logging information related to the password; 

sending a report about the password; 

generating an alert about the password; 

forcing a password change; or 

blocking the user's access to the service. 
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4. (Original) The method of Claim 1, wherein the method further comprises, if the 

password does meet the quality criteria, providing user access to the service. 

5. (Original) The method of Claim 1, wherein the step of determining whether the 

password meets quality criteria further comprises one or more of the steps of: 
performing a dictionary look-up based on the one or more symbols used in the 
password; 

checking the length of the one or more symbols used in the password; 
checking the number of unique characters of the one or more symbols used in the 
password; 

checking the case of the characters in the one or more symbols used in the password; 
checking the sequencing of characters in the one or more symbols used in the 
password; or 

performing statistical analysis based on the one or more symbols used in the 
password. 

6. (Original) The method of Claim 1, wherein the step of performing one or more 

responsive actions that relate to accessing the service comprises logging information 
related to the password. 

7. (Currently amended) The method of Claim 1, further comprising if the password does not 

meet the quality criteria, wherein the step of performing one or more responsive 
actions that relate to accessing th e s e rvice comprises sending a report about the 
password. 

8. (Currently amended) The method of Claim 1, further comprising if the password does not 

meet the quality criteria, wherein the step of performing one or more responsive 
actions that relate to accessing the service comprises generating an alert about the 
password. 
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9. (Currently amended) The method of Claim 1, further comprising if the password does not 

meet the quality criteria, wherein the step of performing one or more responsive 
actions that relate to accessing the service comprises forcing a password change. 

10. (Currently amended) The method of Claim 1, further comprising if the password does not 

meet the quality criteria, wherein the step of performing one or more responsive 
actions that relate to accessing the service comprises blocking the user's access to the 
service. 

11. (Original) The method of Claim 1, wherein obtaining the password from the user 

comprises obtaining the password from the user via a graphical user interface. 

12. (Original) The method of Claim 1, wherein obtaining the password from the user 

comprises obtaining the password from the user via an electronic interface. 

13. (Original) The method of Claim 1, wherein the method further comprises the step of 

determining a quality score for the password, and wherein the step of determining 
whether the password meets quality criteria comprises comparing the quality score to 
a predefined threshold value. 

14. (Original) The method of Claim 1, further comprising the steps of: 

obtaining the password from a repository of passwords; 
making a first determination whether the password meets quality criteria; and 
storing in a particular machine-readable medium an indication of the first 
determination for the password; 
wherein the step of determining whether the password meets quality criteria 
comprises accessing the particular machine-readable medium. 

15. (Original) The method of Claim 1, wherein the user is associated with a particular user 

role, and wherein determining whether the password meets quality criteria comprises 
determining whether the password meets quality criteria for the particular user role. 
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16. (Original) The method of Claim 1, wherein determining whether the password meets 

quality criteria comprises determining whether the password meets quality criteria for 
the service. 

17. (Original) The method of Claim 1, wherein the step of obtaining the password comprises 

an access service obtaining the password from the user when the user attempts to 
access the service, and wherein the access service comprises machine executable 
instructions executing on a particular machine, and the service comprises machine 
executable instruction executing on the same particular machine. 

18. (Original) The method of Claim 1, wherein the step of obtaining the password comprises 

an access service obtaining the password from the user when the user attempts to 
access the service, and wherein the access service comprises machine executable 
instructions executing on a first machine and the service comprises machine 
executable instructions executing on a second machine, wherein the first machine is 
distinct from the second machine. 



19. (Currently amended) A method of dynamically mitigating a noncompliant password, the 
method comprising the machine- implemented steps of: 
obtaining a password from a user when the user attempts to access a service; 
determining whether the password meets quality criteria; and 

if the password does not meet the quality criteria, granting a different level of access 

than if the password meets the quality criteria performing one or more of: 

forcing a password change; or 

blocking the user's access to the service ; and 
wherein the step of determining whether the password meets quality criteria further 

comprises one or more of the steps of: 

performing a dictionary look-up based on the one or more symbols used in the 
password; 

checking the length of the one or more symbols used in the password; 
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checking the number of unique characters of the one or more symbols used in 
the password; 

checking the case of the characters in the one or more symbols used in the 
password; 

checking the sequencing of characters in the one or more symbols used in the 
password; or 

performing statistical analysis based on the one or more symbols used in the 
password. 



20. (Currently amended) A machine-readable medium carrying one or more sequences of 

instructions for dynamically mitigating a noncompliant password, which instructions, 
when executed by one or more processors, cause the one or more processors to carry 
out the steps of: 

obtaining a password from a user when the user attempts to access a service; 
determining whether the password meets quality criteria; and 

if the password does not meet the quality criteria, performing one or more responsive 



21. (Currently amended) The machine-readable medium of Claim 20, further comprising 
instructions which, when executed by the one or more processors, cause the one or 



actions that relate to accessing the service comprises : 

if the password meets the quality criteria, granting to the user a first level of access to 
the service, wherein the first level of access to the service is associated with 
the quality criteria; 

if the password meets a second quality criteria, granting to the user a second level of 
access to the service, wherein the second level of access to the service is 
associated with the second quality criteria, wherein the second quality criteria 
is distinct from the quality criteria and wherein, if a particular password meets 
the quality criteria, then the password meets the second quality criteria. 




granting a different level of access 



than if the password meets the quality criteria . 



more processors to carry out wherein the step of performing 



responsiv 
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22. (Currently amended) The machine -readable medium of Claim 20, further comprising 
instructions which, when executed by the one or more processors, cause the one or 
more processors to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises performing one or more of: 

logging information related to the password; 

sending a report about the password; 

generating an alert about the password; 

forcing a password change; or 

blocking the user's access to the service. 



23. (Original) The machine-readable medium of Claim 20, further comprising instructions 

which, when executed by the one or more processors, cause the one or more 
processors to carry out the step of, if the password does meet the quality criteria, 
providing user access to the service. 

24. (Original) The machine-readable medium of Claim 20, wherein the step of determining 

whether the password meets quality criteria further comprises one or more of the 
steps of: 

performing a dictionary look-up based on the one or more symbols used in the 
password; 

checking the length of the one or more symbols used in the password; 
checking the number of unique characters of the one or more symbols used in the 
password; 

checking the case of the characters in the one or more symbols used in the password; 
checking the sequencing of characters in the one or more symbols used in the 
password; or 

performing statistical analysis based on the one or more symbols used in the 
password. 
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25. (Currently amended) The machine -readable medium of Claim 20, further comprising 

instructions which, when executed by the one or more processors, cause the one or 
more processors to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises logging information related to the password. 

26. (Currently amended) The machine-readable medium of Claim 20, further comprising 

instructions which, when executed by the one or more processors, cause the one or 
more processors to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises sending a report about the password. 

27. (Currently amended) The machine-readable medium of Claim 20, further comprising 

instructions which, when executed by the one or more processors, cause the one or 
more processors to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises generating an alert about the password. 

28. (Currently amended) The machine-readable medium of Claim 20, further comprising 

instructions which, when executed by the one or more processors, cause the one or 
more processors to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the sendee comprises forcing a password change. 

29. (Currently amended) The machine-readable medium of Claim 20, further comprising 

instructions which, when executed by the one or more processors, cause the one or 
more processors to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises blocking the user's access to the service. 
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30. (Original) The machine-readable medium of Claim 20, wherein obtaining the password 

from the user comprises obtaining the password from the user via a graphical user 
interface. 

31. (Original) The machine-readable medium of Claim 20, wherein obtaining the password 

from the user comprises obtaining the password from the user via an electronic 
interface. 

32. (Original) The machine-readable medium of Claim 20, further comprising instructions 

which, when executed by the one or more processors, cause the one or more 
processors to carry out the step of determining a quality score for the password, and 
wherein the step of determining whether the password meets quality criteria 
comprises comparing the quality score to a predefined threshold value. 

33. (Original) The machine-readable medium of Claim 20, further comprising instructions 

which, when executed by the one or more processors, cause the one or more 
processors to carry out the steps of: 

obtaining the password from a repository of passwords; 

making a first determination whether the password meets quality criteria; and 

storing in a particular machine-readable medium an indication of the first 
determination for the password; 
and wherein the step of determining whether the password meets quality criteria 

comprises accessing the particular machine-readable medium. 

34. (Original) The machine-readable medium of Claim 20, wherein the user is associated 

with a particular user role, and wherein determining whether the password meets 
quality criteria comprises determining whether the password meets quality criteria for 
the particular user role. 
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35. (Original) The machine-readable medium of Claim 20, wherein determining whether the 

password meets quality criteria comprises determining whether the password meets 
quality criteria for the service. 

36. (Currently amended) An apparatus for dynamically mitigating a noncompliant password, 

comprising: 

means for obtaining a password from a user when the user attempts to access a 
service; 

means for determining whether the password meets quality criteria; and 
means for granting a different level of access, performing one or more responsive 
actions that relate to accessing the service if the password does not meet the 
quality criteria , than if the password meets the quality criteria . 

37. (Currently amended) The apparatus of Claim 36, further comprising wherein the means 

for performing one or more responsive actions that relate to accessing the service 
comprises : 

means for granting to the user a first level of access to the service, if the password 
meets the quality criteria, wherein the first level of access to the service is 
associated with the quality criteria; 

means for granting to the user a second level of access to the service, if the password 
meets a second quality criteria, wherein the second level of access to the 
service is associated with the second quality criteria, wherein the second 
quality criteria is distinct from the quality criteria and wherein, if a particular 
password meets the quality criteria, then the password meets the second 
quality criteria.. 

38. (Currently amended) The apparatus of Claim 36, further comprising means for 

performing, if the password does not meet the quality criteria, wherein the means for 
performing one or more responsive actions that relate to accessing the service 
comprises one or more of: 

means for logging information related to the password; 
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means for sending a report about the password; 
means for generating an alert about the password; 
means for forcing a password change; or 
means for blocking the user's access to the service. 

39. (Original) The apparatus of Claim 36, wherein the apparatus further comprises means for 

providing user access to the service if the password does meet the quality criteria. 

40. (Original) The apparatus of Claim 36, wherein the means for determining whether the 

password meets quality criteria further comprises one or more of: 
means for performing a dictionary look-up based on the one or more symbols used in 
the password; 

means for checking the length of the one or more symbols used in the password; 
means for checking the number of unique characters of the one or more symbols used 
in the password; 

means for checking the case of the characters in the one or more symbols used in the 
password; 

means for checking the sequencing of characters in the one or more symbols used in 
the password; or 

means for performing statistical analysis based on the one or more symbols used in 
the password. 

41. (Currently amended) The apparatus of Claim 36, further comprising wherein the means 

for performing one or more responsive actions that relate to accessing the service 
comprises means for logging information related to the password , if the password 
does not meet the quality criteria . 

42. (Currently amended) The apparatus of Claim 36, further comprising wherein the means 

for performing one or more responsive actions that relate to accessing the service 
comprises means for sending a report about the password , if the password does not 
meet the quality criteria . 
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43. (Currently amended) The apparatus of Claim 36, further comprising wherein the means 

for performing one or more responsiv e actions that relate to accessing the service 
comprises means for generating an alert about the password , if the password does not 
meet the quality criteria . 

44. (Currently amended) The apparatus of Claim 36, further comprising wherein the means 

for performing one or more responsive actions that relate to accessing the service 
comprises means for forcing a password change , if the password does not meet the 
quality criteria . 

45. (Currently amended) The apparatus of Claim 36, further comprising wherein the means 

for performing one or more responsive actions that relate to accessing the service 
comprises means for blocking the user's access to the service , if the password does 
not meet the quality criteria . 

46. (Original) The apparatus of Claim 36, wherein the means for obtaining the password 

from the user comprises means for obtaining the password from the user via a 
graphical user interface. 

47. (Original) The apparatus of Claim 36, wherein the means for obtaining the password 

from the user comprises means for obtaining the password from the user via an 
electronic interface. 

48. (Original) The apparatus of Claim 36, wherein the apparatus further comprises means for 

determining a quality score for the password, and wherein the means for determining 
whether the password meets quality criteria comprises means for comparing the 
quality score to a predefined threshold value. 

49. (Original) The apparatus of Claim 36, further comprising: 

means for obtaining the password from a repository of passwords; 
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means for making a first determination whether the password meets quality 
criteria; and 

means for storing in a particular machine-readable medium an indication of 
the first determination for the password; 
and wherein the means for determining whether the password meets quality criteria 
comprises means for accessing the particular machine-readable medium. 

50. (Original) The apparatus of Claim 36, wherein the user is associated with a particular 

user role, and wherein means for determining whether the password meets quality 
criteria comprises means for determining whether the password meets quality criteria 
for the particular user role. 

5 1 . (Original) The apparatus of Claim 36, wherein means for determining whether the 

password meets quality criteria comprises means for determining whether the 
password meets quality criteria for the service. 

52. (Original) The apparatus of Claim 36, wherein the means for obtaining the password 

comprises means for an access service to obtain the password from the user when the 
user attempts to access the service, and wherein the access service comprises means 
for executing on a particular machine, and wherein the service comprises means for 
executing on the same particular machine. 

53. (Original) The apparatus of Claim 36, wherein the means for obtaining the password 

comprises means for an access service to obtain the password from the user when the 
user attempts to access the service, and wherein the access service comprises means 
for executing on a first machine and the service comprises means for executing on a 
second machine, wherein the first machine is distinct from the second machine. 

54. (Currently amended) An apparatus for dynamically mitigating a noncompliant password, 

comprising: 

a network interface that is coupled to the data network for receiving one or more packet 
flows therefrom; 
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a processor; 

one or more stored sequences of instructions which, when executed by the processor, cause 
the processor to carry out the steps of: 

obtaining a password from a user when the user attempts to access a service; 
determining whether the password meets quality criteria; and 

if the password does not meet the quality criteria, performing one or more responsive 
actions that relate to accessing the service granting a different level of access 
than if the password meets the quality criteria . 

55. (Currently amended) The apparatus of Claim 54, wherein the apparatus further comprises 

one or more stored sequences of instructions which, when executed by the processor, 
cause the processor to carry out wherein the step of performing one or more 
responsive actions that relate to accessing the service comprises : 
if the password meets the quality criteria, granting to the user a first level of access to 

the service, wherein the first level of access to the service is associated with 

the quality criteria; 

if the password meets a second quality criteria, granting to the user a second level of 
access to the service, wherein the second level of access to the service is 
associated with the second quality criteria, wherein the second quality criteria 
is distinct from the quality criteria and wherein, if a particular password meets 
the quality criteria, then the password meets the second quality criteria. 

56. (Currently amended) The apparatus of Claim 54, wherein the apparatus further comprises 

one or more stored sequences of instructions which, when executed by the processor, 
cause the processor to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises performing one or more of: 

logging information related to the password; 

sending a report about the password; 

generating an alert about the password; 

forcing a password change; or 

blocking the user's access to the service. 
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57. (Original) The apparatus of Claim 54, wherein the apparatus further comprises one or 

more stored sequences of instructions which, when executed by the processor, cause 
the processor to carry out the step of, if the password does meet the quality criteria, 
providing user access to the service. 

58. (Original) The apparatus of Claim 54, wherein the step of determining whether the 

password meets quality criteria comprises one or more of the steps of: 
performing a dictionary look-up based on the one or more symbols used in the 
password; 

checking the length of the one or more symbols used in the password; 
checking the number of unique characters of the one or more symbols used in the 
password; 

checking the case of the characters in the one or more symbols used in the password; 
checking the sequencing of characters in the one or more symbols used in the 
password; or 

performing statistical analysis based on the one or more symbols used in the 
password. 

59. (Currently amended) The apparatus of Claim 54, wherein the apparatus further comprises 

one or more stored sequences of instructions which, when executed by the processor, 
cause the processor to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the sendee comprises logging information related to the password. 

60. (Currently amended) The apparatus of Claim 54, wherein the apparatus further comprises 

one or more stored sequences of instructions which, when executed by the processor, 
cause the processor to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises sending a report about the password. 
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61. (Currently amended) The apparatus of Claim 54, wherein the apparatus further comprises 

one or more stored sequences of instructions which, when executed by the processor, 
cause the processor to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises generating an alert about the password. 

62. (Currently amended) The apparatus of Claim 54, wherein the apparatus further comprises 

one or more stored sequences of instructions which, when executed by the processor, 
cause the processor to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises forcing a password change. 

63. (Currently amended) The apparatus of Claim 54, wherein the apparatus further comprises 

one or more stored sequences of instructions which, when executed by the processor, 
cause the processor to carry out: if the password does not meet the quality criteria, 
wherein the step of performing one or more responsive actions that relate to accessing 
the service comprises blocking the user's access to the service. 

64. (Original) The apparatus of Claim 54, wherein obtaining the password from the user 

comprises obtaining the password from the user via a graphical user interface. 

65. (Original) The apparatus of Claim 54, wherein obtaining the password from the user 

comprises obtaining the password from the user via an electronic interface. 

66. (Original) The apparatus of Claim 54, wherein the apparatus further comprises one or 

more stored sequences of instructions which, when executed by the processor, cause 
the processor to carry out the step of determining a quality score for the password, 
and wherein the step of determining whether the password meets quality criteria 
comprises comparing the quality score to a predefined threshold value. 
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67. (Original) The apparatus of Claim 54, further comprising one or more stored sequences 

of instructions which, when executed by the processor, cause the processor to carry 
out the steps of: 

obtaining the password from a repository of passwords; 

making a first determination whether the password meets quality criteria; and 

storing in a particular machine-readable medium an indication of the first 
determination for the password; 
and wherein the step of determining whether the password meets quality criteria 

comprises accessing the particular machine-readable medium. 

68. (Original) The apparatus of Claim 54, wherein the user is associated with a particular 

user role, and wherein determining whether the password meets quality criteria 
comprises determining whether the password meets quality criteria for the particular 
user role. 

69. (Original) The apparatus of Claim 54, wherein determining whether the password meets 

quality criteria comprises determining whether the password meets quality criteria for 
the service. 

70. (Original) The apparatus of Claim 54, wherein the step of obtaining the password 

comprises an access service obtaining the password from the user when the user 
attempts to access the service, and wherein the access service comprises machine 
executable instructions executing on the apparatus, and the service comprises 
machine executable instruction executing on the same apparatus. 



50325-0874 (Seq. No. 8660) 



17 



Application of Jeremy Stieglitz et al. 
Serial No. 10/825,827, filed 04/16/2004 



Reply to Office Action 



71. (Original) The apparatus of Claim 54, wherein the step of obtaining the password 
comprises an access service obtaining the password from the user when the user 
attempts to access the service, and wherein the access service comprises machine 
executable instructions executing on a first machine and the service comprises 
machine executable instructions executing on a second machine, wherein the first 
machine is distinct from the second machine. 
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